NetIQ Access Manager Gateway logging profile configuration does not allow changing field delimiter other than a white space

  • 7017241
  • 10-Feb-2016
  • 10-Feb-2016

Environment

NetIQ Access Manager Access Gateway 4.1 (Service / Appliance) on SLES
NetIQ Access Manager Access Gateway 4.1.1 (Service / Appliance) on SLES
NetIQ Access Manager Access Gateway 4.2 (Service / Appliance) on SELS

Situation

  • Access Manager Gateway Reverse Proxy logging has been enabled
  • iManager GUI does not offer changing the default field delimiter from a white space to anything else
  • Application used to analyse log files requires "tabs" as delimiter

Resolution

  • configure either the Default or a Extended Logging Profile according to your needs

  • save and the configuration and apply the configuration change

  • ssh into your Access Gateway

  • change into the "/etc/opt/novell/apache2/conf/vhosts.d" directory

  • copy the file for your reverse proxy to your workstation. There is a configuration file for each reverse proxy. The name of the file matches the configured reverse proxy configuration name from within the iManager GUI. For Example the Reverse Proxy with the name PS_NW65 will be stored in a file called PS_NW65.conf.

    Note: Do not modify this file as this is controlled by the Access Manager Device Manager (devman) and will be overwritten each time you apply any configuration change from within the GUI.

  • Use and editor of your choice to open the configuration file

  • The Access Gateway uses the "Module mod_log_config" as documented at: "http://httpd.apache.org/docs/2.2/mod/mod_log_config.html"

  • modify the "LogFormat" directive according to your needs. The following directive has been used to replace the white spaces as field delimiter with tabs ("\t"):

    LogFormat "%{%Y-%m-%d %H:%M:%S}t\t%a\t%m\t%>s\t\"%{Cache-Control}o\"\t%L\t%B\t%X\t\"%{X-Forwarded-For}i\"\t%I\t\"%{ETag}o\"\t\"%{If-Range}o\"\t\"%{Range}o\"\t\"%{Content-Range}o\"\t\"%{Pra
    gma}i\"\t\"%{Pragma}o\"" PS_NW65-PS_NW65

    Note: make sure you do not add any CRLF to to the line while editing

  • use iManager to open the "Advanced Options of your on your Reverse Proxy / Proxy Service. and add the modified directives

    Example:

    CacheIgnoreHeaders Authorization

    LogFormat "%{%Y-%m-%d %H:%M:%S}t\t%a\t%m\t%>s\t\"%{Cache-Control}o\"\t%L\t%B\t%X\t\"%{X-Forwarded-For}i\"\t%I\t\"%{ETag}o\"\t\"%{If-Range}o\"\t\"%{Range}o\"\t\"%{Content-Range}o\"\t\"%{Pragma}i\"\t\"%{Pragma}o\"" PS_NW65-PS_NW65
    CustomLog "|\"/opt/novell/apache2/sbin/rotatelogs\" \"/var/log/novell/reverse/RP_LAB_Services1/PS_NW65-PS_NW65.extended.log.%Y-%m-%d-%H_%M_%S\" 10M 7files" PS_NW65-PS_NW65 env=PS_NW65

  • save the configuration change but do not apply for now

  • remove and disable the configured Logging from within iManager on your Reverse Proxy / Proxy Service

  • apply the configuration changes

  • if there are no syntax errors with the two directives you added to the Advanced Options the the Apache Proxy will start up and use the new logging directives from now on.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.